Return 403 Forbidden rather than 401 Unauthorized on restricted project

401 Unauthorized requires a WWW-Authenticate header according to the
spec, which is not something that gitphp supports (Basic
authentication). 403 Forbidden technically means that authentication
won't help, but in this case they're talking about basic http
authentication, not app-level authentication.

Also I forgot to map the 401 code to a status header, so that wasn't
even working anyway.